CVE-2025-39202 — Vulnetix

CVE-2025-39202 PUBLISHED CVSS 8.300000190734863 HIGH

A vulnerability exists in in the Monitor Pro interface of the MicroSCADA X SYS600 product. An authenticated user with low privileges can see and overwrite files causing information leak and data corruption.

EPSS 0.15% · 35.0th percentile

Risk Scores

CVSS 4.0

8.300000190734863

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:H/SA:H

EPSS Score

0.15%

35.0th percentile

Affected Products

Vendor	Product	Versions
Hitachi Energy	MicroSCADA X SYS600	10.0
hitachienergy	microscada_x_sys600	10.0

Exploit Intelligence

CIRCL seen: CVE-2025-39202 (circl-sighting)
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000218&LanguageCode=en&DocumentPartId=&Action=Launch (circl)

Timeline

Jun 24, 2025 EPSS Score
Jun 24, 2025 Coalition ESS Score
Jun 24, 2025 Coalition ESS Score
Jun 24, 2025 CVE Published
Jun 25, 2025 CVE Updated
Jun 26, 2025 Coalition ESS Score
Jul 3, 2025 PoC Published
Jul 4, 2025 EPSS Score
Jul 14, 2025 EPSS Score
Jul 23, 2025 Coalition ESS Score
Jul 24, 2025 EPSS Score
Aug 3, 2025 EPSS Score

References

Open in Interactive Console →